• Journal of the Korea Society of Computer and Information
• /
• v.17 no.3
• /
• pp.77-83
• /
• 2012

As web pages provide various services, the distribution of malware via the web pages is being also increased. Malware can make personal information leak, system mal-function and system be zombie. To protect this damages, we should block the malicious web pages. Because the malicious codes embedded in web pages are obfuscated or transformed, it is difficult to detect them using signature-based approaches which are used by current anti-virus software. To overcome this problem, we extracted features to classify malicious web pages and benign ones by analyzing web pages. And we propose a classification method using SVM which is widely used in machine learning. Experimental results show that the proposed method is better than other methods. The proposed method could classify malicious web pages correctly and be helpful to block the distribution of malicious codes.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.31 no.1
• /
• pp.74-82
• /
• 2008

The objective of this paper is to remove noises of image based on the heuristic noises filter and to extract a tumor region by using morphology techniques in breast ultrasound image. Similar objective studies have been conducted based on ultrasound image of high resolution. As a result, efficiency of noise removal is not fine enough for low resolution image. Moreover, when ultrasound image has multiple tumors, the extraction of ROI (Region Of Interest) is not accomplished or processed by a manual selection. In this paper, our method is done 4 kinds of process for noises removal and the extraction of ROI for solving problems of restrictive automated segmentation. First process is that pixel value is acquired as matrix type. Second process is a image preprocessing phase that is aimed to maximize a contrast of image and prevent a leak of personal information. In next process, the heuristic noise filter that is based on opinion of medical specialist is applied to remove noises. The last process is to extract a tumor region by using morphology techniques. As a result, the noise is effectively eliminated in all images and a extraction of tumor regions is possible though one ultrasound image has several tumors.

• Journal of Internet Computing and Services
• /
• v.15 no.3
• /
• pp.31-43
• /
• 2014

Large number of Android mobile application has been developed and deployed through the Android open market by increasing android-based smart work device users recently. But, it has been discovered security vulnerabilities on malicious applications that are developed and deployed through the open market or 3rd party market. There are issues to leak user's personal and financial information in mobile devices to external server without the user's knowledge in most of malicious application inserted Trojan Horse forms of malicious code. Therefore, in order to minimize the damage caused by malignant constantly increasing malicious application, it is required a proactive detection mechanism development. In this paper, we analyzed the existing techniques' Pros and Cons to detect a malicious application and proposed discrimination and detection result using malicious application discrimination mechanism based on Jaccard similarity after collecting events occur in real-time execution on android-mobile devices.

• Fiber Technology and Industry
• /
• v.2 no.4
• /
• pp.490-508
• /
• 1998

One of the latest fields of research in the area of output devices is tactual display devices [13,31]. These tactual or haptic devices allow the user to receive haptic feedback output from a variety of sources. This allows the user to actually feel virtual objects and manipulate them by touch. This is an emerging technology and will be instrumental in enhancing the realism of wearable augmented environments for certain applications. Tactual displays have previously been used for scientific visualization in virtual environments by chemists and engineers to improve perception and understanding of force fields and of world models populated with the impenetrable. In addition to tactual displays, the use of wearable audio displays that allow sound to be spatialized are being developed. With wearable computers, designers will soon be able to pair spatialized sound to virtual representations of objects when appropriate to make the wearable computer experience even more realistic to the user. Furthermore, as the number and complexity of wearable computing applications continues to grow, there will be increasing needs for systems that are faster, lighter, and have higher resolution displays. Better networking technology will also need to be developed to allow all users of wearable computers to have high bandwidth connections for real time information gathering and collaboration. In addition to the technology advances that make users need to wear computers in everyday life, there is also the desire to have users want to wear their computers. In order to do this, wearable computing needs to be unobtrusive and socially acceptable. By making wearables smaller and lighter, or actually embedding them in clothing, users can conceal them easily and wear them comfortably. The military is currently working on the development of the Personal Information Carrier (PIC) or digital dog tag. The PIC is a small electronic storage device containing medical information about the wearer. While old military dog tags contained only 5 lines of information, the digital tags may contain volumes of multi-media information including medical history, X-rays, and cardiograms. Using hand held devices in the field, medics would be able to call this information up in real time for better treatment. A fully functional transmittable device is still years off, but this technology once developed in the military, could be adapted tp civilian users and provide ant information, medical or otherwise, in a portable, not obstructive, and fashionable way. Another future device that could increase safety and well being of its users is the nose on-a-chip developed by the Oak Ridge National Lab in Tennessee. This tiny digital silicon chip about the size of a dime, is capable of 'smelling' natural gas leaks in stoves, heaters, and other appliances. It can also detect dangerous levels of carbon monoxide. This device can also be configured to notify the fire department when a leak is detected. This nose chip should be commercially available within 2 years, and is inexpensive, requires low power, and is very sensitive. Along with gas detection capabilities, this device may someday also be configured to detect smoke and other harmful gases. By embedding this chip into workers uniforms, name tags, etc., this could be a lifesaving computational accessory. In addition to the future safety technology soon to be available as accessories are devices that are for entertainment and security. The LCI computer group is developing a Smartpen, that electronically verifies a user's signature. With the increase in credit card use and the rise in forgeries, is the need for commercial industries to constantly verify signatures. This Smartpen writes like a normal pen but uses sensors to detect the motion of the pen as the user signs their name to authenticate the signature. This computational accessory should be available in 1999, and would bring increased peace of mind to consumers and vendors alike. In the entertainment domain, Panasonic is creating the first portable hand-held DVD player. This device weight less than 3 pounds and has a screen about 6' across. The color LCD has the same 16:9 aspect ratio of a cinema screen and supports a high resolution of 280,000 pixels and stereo sound. The player can play standard DVD movies and has a hour battery life for mobile use. To summarize, in this paper we presented concepts related to the design and use of wearable computers with extensions to smart spaces. For some time, researchers in telerobotics have used computer graphics to enhance remote scenes. Recent advances in augmented reality displays make it possible to enhance the user's local environment with 'information'. As shown in this paper, there are many application areas for this technology such as medicine, manufacturing, training, and recreation. Wearable computers allow a much closer association of information with the user. By embedding sensors in the wearable to allow it to see what the user sees, hear what the user hears, sense the user's physical state, and analyze what the user is typing, an intelligent agent may be able to analyze what the user is doing and try to predict the resources he will need next or in the near future. Using this information, the agent may download files, reserve communications bandwidth, post reminders, or automatically send updates to colleagues to help facilitate the user's daily interactions. This intelligent wearable computer would be able to act as a personal assistant, who is always around, knows the user's personal preferences and tastes, and tries to streamline interactions with the rest of the world.

• The Journal of the Korea Contents Association
• /
• v.9 no.4
• /
• pp.131-141
• /
• 2009

An increasing variety of malware, such as worms, spyware and adware, threatens both personal and business computing. Remotely controlled bot networks of compromised systems are growing quickly. This paper proposes an intrusion detection system based outflow traffic analysis. Many research efforts and commercial products have focused on preventing intrusion by filtering known exploits or unknown ones exploiting known vulnerabilities. Complementary to these solutions, the proposed IDS can detect intrusion of unknown new mal ware before their signatures are widely distributed. The proposed IDS is consists of a outflow detector, user monitor, process monitor and network monitor. To infer user intent, the proposed IDS correlates outbound connections with user-driven input at the process level under the assumption that user intent is implied by user-driven input. As a complement to existing prevention system, proposed IDS decreases the danger of information leak and protects computers and networks from more severe damage.

• Korean Security Journal
• /
• no.39
• /
• pp.269-294
• /
• 2014

Korea is concerned with information security industry due to recent leak-out private information of 3 card companies. Executives are aware of damage from breach of security such as personal data spill, is more dangerous than any other financial risks. The information security industry, which was limited in physical security and network security formerly, is evolving into convergence security of public and facility security industry. The field of interest has also been changed into security of smart phone and intelligence image recently, from firewall or Anti-virus. The convergence security is originally about access control of facility, but recently its demand has been increased mostly by public institutions and major companies. The scope of the industry also varies from finance, education, distribution, national defense, medical care to automobile industry. The market of convergence security has been expanded and new various products and services of security of intelligent vehicle, 'U' healthcare, finance, smart grid and key industries are also developed. It is required to create and enhance of new curriculum and cultivate human resources for the development of knowledge information security industry. Raising standard of education and security consciousness of the nation is also necessary to strengthen the global competitiveness.

• Korean Security Journal
• /
• no.24
• /
• pp.147-170
• /
• 2010

This study is to present a improvement directions for the protection of industrial key technology. For the purpose of the study, the survey was carried out on the administrative security activity of 68 enterprises including Large companies, small-midium companies and public corporations. survey result on the 10 items of security policy, 10 items of personal management and 7 items of the assets management are as follows; First, stable foundation for the efficient implement of security policy is needed. Carrying a security policy into practice and continuous upgrade should be fulfilled with drawing-up of the policy. Also for the vitalization of security activity, arrangement of security organization and security manager are needed with mutual assistance in the company. Periodic security inspection should be practiced for the improvement of security level and security understanding. Second, the increase of investment for security job is needed for security invigoration. Securing cooperation channel with professional security facility such as National Intelligence Service, Korea internet & security agency, Information security consulting company, security research institute is needed, also security outsourcing could be considered as the method of above investment. Especially small-midium company is very vulnerable compared with Large company and public corporation in security management, so increase of government's budget for security support system is necessary. Third, human resource management is important, because the main cause of leak of confidential information is person. Regular education rate for new employee and staff members is relatively high, but the vitalization of security oath for staff members and the third party who access to key technology is necessary. Also access right to key information should be changed whenever access right changes. Reinforcement of management of resigned person such as security oath, the elimination of access right to key information and the deletion of account. is needed. Forth, the control and management of important asset including patent and design should be tightened. Classification of importance of asset and periodic inspection are necessary with the effects evaluation of leak of asset.

• The KIPS Transactions:PartB
• /
• v.18B no.5
• /
• pp.315-324
• /
• 2011

In Web environment, a flood of spam causes serious social problems such as personal information leak, monetary loss from fishing and distribution of harmful contents. Moreover, types and techniques of spam distribution which must be controlled are varying as days go by. The learning based spam classification method using Bag-of-Words model is the most widely used method until now. However, this method is vulnerable to anti-spam avoidance techniques, which recent spams commonly have, because it classifies spam documents utilizing only keyword occurrence information from classification model training process. In this paper, we propose a spam document detection method using a characteristic of repeating words occurring in spam documents as a solution of anti-spam avoidance techniques. Recently, most spam documents have a trend of repeating key phrases that are designed to spread, and this trend can be used as a measure in classifying spam documents. In this paper, we define six variables, which represent a characteristic of word repetition, and use those variables as a feature set for constructing a classification model. The effectiveness of proposed method is evaluated by an experiment with blog posts and E-mail data. The result of experiment shows that the proposed method outperforms other approaches.

• Korean Security Journal
• /
• no.62
• /
• pp.347-367
• /
• 2020

Rapid advancement of technology in today's society has allowed for easy access and use of data, promoting the process of informationization. Along with the merits of such development, unintended consequences of security risks involving wiretapping have been increasing as well. The security threats posed by wiretapping technology must be addressed by every organization and individual, as it could be used to leak confidential information about the nation's security, military and diplomatic strategies, industrial technologies, and personal information. Despite increasing threats stemming from the surrounding nations using advanced wiretapping technology, there is a lack of awareness at the government level, and the existing security measures for detecting and counteracting the wiretapping equipment are ineffective. In this research, the authors offered technical suggestions for improving the security strategies against the threats of wiretapping and information leakage by conducting a content analysis. The authors suggested the units of an agency be assigned a security grade based on its importance, and that adequate security equipment should be operated according to the grade. For instance, around-the-clock surveillance is recommended for grade-1 facilities, and portable wiretapping equipment detectors should be used to protect conference rooms and other key sites.